Hi there!
We posted a message earlier this morning. We checked everything again (new initialization of db, new ex- and import of the (sub) ca certificate, ...). In fact, we found out that the approved and signed the request (by the RA admin) is indeed valid. The openCA tool doesn't extract the right cert details though, when we look at the approved requests. It takes out the serial number of the RA admin, but other details from the CA certificate. So there is still the question why the RA certificate cannot be found in the database.
Signature Status: Unknown Status Message: Signature Verification Error DB Status: Cannot find the certificate with the matching serial in the database (6303).
I tested sub CAs over the weekend and have no problems. So can I hope you can do some diagnostic debugging for me:
1. go to file crypto-utils.lib 2. after the error 6301 and directl before "my $sigCert=..."
print "CHAIN: ".$sig->getSigner()->{CERTIFICATE}."<br>\n";
Perhaps this variable include more than one certificate or the wrong certificate. If this happens then we must find the correct one or check the code where the mistake happens. Sorry for the slow debugging but I cannot simulate the problem.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
